Unless you’ve somehow managed to avoid both the news headlines and the barrage of content from IT security vendors that followed, you’ll no doubt be aware that a couple of weeks ago, there was a particularly severe ransomware attack that affected over 100,000 businesses around the globe, including the NHS.
The latest evidence indicates that the recent ‘WannaCry’ attack originated via an exploit tool created by the NSA, however it’s more common they originate via ‘phishing’ emails, the technique of tricking recipients into clicking a malicious link or opening an attachment, often appearing to be from a colleague or relative.
So with this in mind, now seems like a great time to give you a refresher on the features at your disposal as an MDaemon administrator to help prevent the type of phishing attack that can lead to a ransomware infection, along with some additional tips on best practice.
(Almost all of the security tools for MDaemon are in the SecurityPlus add-on so for the purpose of this post, I’ll be assuming you’ve got that installed.)
Last week we let you know about the release of MailStore v10.1, the centrepiece of which was a simple but useful feature we’ve been asked for quite a bit – scheduled email reporting.
You may be thinking, MailStore is German so there won’t be any issues to report on!? Well, not everything about your email is under MailStore’s control, so as an administrator, it’s still nice to see confirmation that your ‘Enten in einer Reihe’ occasionally.
In this blog post, I’ll show you how to enable the delightful HTML report email, and let you know how to get the most from it.
A popular feature of MDaemon is its ability to let administrators quickly pinpoint message activity and session information using detailed logs. Sometimes, however, what’s required is more an overview of server usage such as how load is being shared across users or mailboxes for example.
In this post I take a look at how you can use Microsoft Excel to query data you may not even be aware is available in MDaemon!
If you read my post on ‘spear phishing’ you’ll be aware that the hijacking of email accounts is on the rise. These attacks generally revolve around the attacker already knowing the login details for the account somehow.
When I speak to customers they often wonder how the attacker knew their seemingly complex password. Did they simply guess it?
The simple answer is no, in my opinion, that’s very unlikely.
It’s much more likely that the email address and password were used on another site/ service which has led to them being compromised or ‘pwned’.
Last year I wrote this article that described how you could use a combination of MailStore email archiver’s auditing features, the Windows task manager and a PowerShell script to send you email alerts in the event an archiving job failed.
This worked well but it was a little on the keen side, occasionally being triggered by a job failing that would actually just go on to run fine again shortly afterwards.